0dcf7474a41e6c6bc0b735c164221c00_JaffaCakes118

General

Target

0dcf7474a41e6c6bc0b735c164221c00_JaffaCakes118
Size

187KB
MD5

0dcf7474a41e6c6bc0b735c164221c00
SHA1

318fad8fcb7d2da6f3a9fc9ca6a9f55c4e212e86
SHA256

c12e487798f925ff50442233048f3cabb23e197e4a7b2d25bb0f9777a243eabe
SHA512

6900cd5ee2be7f6926a7fbe59c285330cdcc0b7e549f3d8f6dd54b35f83aae4f0ac01009bb7d76fbfcfc155138eab9aef8f27230ee4b9e7f3b629def24c21e8f
SSDEEP

3072:Wmpk9Kykacj8QbTZo4Kk89tdbw17PMuPCxizJkquhlWK29p7jGuB:5eFBcIQZ0kmrOkDwSqunWKWhGuB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dcf7474a41e6c6bc0b735c164221c00_JaffaCakes118

Files

0dcf7474a41e6c6bc0b735c164221c00_JaffaCakes118
.exe windows:4 windows x86 arch:x86

230ad453d976ef89621d6e2bd9b6c2de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageHeight
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImagePixelFormat
GdipDisposeImage

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

user32

DestroyMenu
RedrawWindow
FindWindowA
CreatePopupMenu
ClipCursor
TrackPopupMenuEx
GetDesktopWindow

advapi32

RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueW
RegCloseKey
RegCreateKeyW
RegOpenKeyExW
RegEnumKeyExW

ole32

StringFromGUID2
CoInitialize
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance

msimg32

AlphaBlend
TransparentBlt

gdi32

StretchBlt
GetObjectType
SelectObject
CreateDIBSection
CreatePen
LineTo
CreateDCW
BitBlt
CreateCompatibleDC
SetStretchBltMode
DeleteDC
CreateBitmap

winmm

timeGetTime

kernel32

GetEnvironmentStringsW
GetVersionExA
WaitCommEvent
LocalFree
EnumResourceNamesW
ExitProcess
LoadLibraryW
LocalAlloc
ExitProcess
GetModuleFileNameA

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

230ad453d976ef89621d6e2bd9b6c2de

Headers

File Characteristics

Imports

gdiplus

comctl32

user32

advapi32

ole32

msimg32

gdi32

winmm

kernel32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 45KB - Virtual size: 44KB

.rsr Size: 512B - Virtual size: 80KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 45KB - Virtual size: 44KB

.rsr
Size: 512B - Virtual size: 80KB